<?php
    include 'konek.php';
    session_start();
    if(!isset($_SESSION['username'])) {
?>
    <script language="javascript">
        alert('anda blm login');
        document.location='../'
    </script>
<?php 
    } else {
        $username = $_SESSION['username'];
        $status = $_SESSION['status'];
    }

    $passold = $_POST['passold'];
    $pass = $_POST['pass'];
    $pass2 = $_POST['pass2'];
    if($pass!=$pass2) {
?>
    <script language="javascript">
        alert('Password Konfirm Salah!!!');
        document.location='../pages/editprofile.php'
    </script>
<?php
    } else {
        if($status=='siswa') {
            $que=mysql_query("select * from siswa where email_sis='$username' and pass_sis='$passold'");
            $cek = mysql_num_rows($que);
            if($cek) {
                $syntax = mysql_query("update siswa set pass_sis='$pass2' where email_sis='$username'");
?>
            <script language="javascript">
                alert('SUKSES');
                document.location='../pages/editprofile.php'
            </script>
<?php
            } else {
?>
            <script language="javascript">
                alert('Password lama salah!!!');
                document.location='../pages/editprofile.php'
            </script>
<?php
            }
        } else {
            $que2 = mysql_query("select * from guru where email='$username' and pass='$passold'");
            $cek2 = mysql_num_rows($que2);
            if($cek2) {
                $syntax = mysql_query("update guru set pass='$pass2' where email='$username'");
?>
            <script language="javascript">
                alert('SUKSES');
                document.location='../pages/editprofile.php'
            </script>
<?php
            } else {
?>
            <script language="javascript">
                alert('Password lama salah!!!');
                document.location='../pages/editprofile.php'
            </script>
<?php
            }
        }
    }
?>